General

  • Target

    0b3f621bc4bc07aa0150923f312bf79f_JaffaCakes118

  • Size

    278KB

  • Sample

    240501-g3br5shh4s

  • MD5

    0b3f621bc4bc07aa0150923f312bf79f

  • SHA1

    3373b5f9ad4b5d6745e72ee5dc79fe93432ca845

  • SHA256

    112105618068196351bc60363d2ced66e0c33e48623b8075ca7acb4b6e4943ee

  • SHA512

    6ef0668680db8fcfba53d403a9670adf763cc0a816fa644b75c62992a1f137f6b9aa3ed4115791055fa6c43f0dd3441d35fd6edf342781f1ccc77c4a7d4903a4

  • SSDEEP

    3072:iOsZRgkGcTcdE2AtHVpA3YRZY9PW/jnGwMkvBvQ0v8xhZC68sJRm7mmeCcUNxBBb:CJWdpAZsyY9UjG+pvQm8xRnJEDeC

Score
10/10

Targets

    • Target

      0b3f621bc4bc07aa0150923f312bf79f_JaffaCakes118

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE
